Multi-Factor Authentication (MFA)

Secure your Avochato account by setting up MFA (also known as 2FA)

Overview

Multi-factor Authentication (MFA), also called Two-factor Authentication (2FA), is a security process that requires two steps to verify your identity. First, you enter your email and password, and then you'll be prompted to input a verification code. Avochato users can receive this code either via their verified phone number on file or through an authenticator app.

If your password is compromised, MFA adds an extra layer of protection by ensuring your Avochato account cannot be accessed unless the attacker also has access to your mobile phone.

💡 Before enabling MFA, users must add and verify their mobile numbers in Avochato. To do this, log into Avochato, click on your user profile icon at the top-right corner of your inbox, and navigate to the "Edit Profile" section to add your mobile number. If you don't have a phone number capable of receiving MFA codes, you can configure an authenticator app instead. Learn more about setting up your authenticator app by clicking here.

Configure MFA

  1. Organization-wide (Recommended)
    1. To enable MFA for your organization, contact Avochato Customer Support via text or email. Once enabled, all users in your organization will be required to have a valid phone number capable of receiving MFA codes, or use an authenticator app such as Google Authenticator, Authy by Twilio, or Microsoft Authenticator to generate codes.
  2. Individual
    1. To enable MFA on your account, go to your Avochato profile and select the checkbox “Require MFA for your user across all accounts”. Remember to hit “Save” for the changes to apply.

Will I have to use my phone/authenticator app to sign in every time?

No. By default, Avochato will recognize your authenticated device with a session token. The session token is saved to the device used to sign in. However, MFA will always be required when signing in on a new device.

How do I know if my Avochato users have set up MFA?

Users with "Owner" permissions can access the Manage Organization section to verify each user’s MFA status.

To access the Manage Organization section, go to the profile icon at the top-right of the page and click “Manage Organization”. Under the “My Org” left side panel, go to the “Users” tab.

In the Users section, a set of columns is displayed for each user. Scroll right to view the Invite Status section.

Org 2FA Required: Entire Avochato organization requires 2FA to access

User 2FA Required: User requires 2FA to access

Phone Valid: User has validated a mobile phone for 2FA

Authenticator Valid: User has set up MFA via an authenticator app

💡 Generate a report with the status of all users by scrolling to the bottom of the Users page and clicking the “DOWNLOAD USERS .CSV” button.
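
To review the downloaded report for gaps, the following added example (not Avochato's own code) groups users by the MFA status columns described above. It assumes the CSV header names match the column labels shown on the Users page, that an "Email" column exists, and that values are written as true/false; adjust the constants to the actual export.

```python
import csv
import io

# ASSUMPTION: header names mirror the Users page labels; the real export may differ.
COL_EMAIL = "Email"
COL_ORG_REQ = "Org 2FA Required"
COL_USER_REQ = "User 2FA Required"
COL_PHONE = "Phone Valid"
COL_APP = "Authenticator Valid"
REQUIRED_COLS = {COL_EMAIL, COL_ORG_REQ, COL_USER_REQ, COL_PHONE, COL_APP}
TRUTHY = {"true", "yes", "y", "1"}

# Constructed sample data, not a real export.
SAMPLE = """Email,Org 2FA Required,User 2FA Required,Phone Valid,Authenticator Valid
alice@example.com,false,true,true,true
bob@example.com,false,false,true,false
carol@example.com,false,true,false,false
dave@example.com,false,true,true,false
"""

def flag(row, col):
    """Read a cell as a boolean; blank or missing cells count as False."""
    return (row.get(col) or "").strip().lower() in TRUTHY

def audit_mfa(csv_text):
    """Group user emails by MFA posture based on the four status columns."""
    reader = csv.DictReader(io.StringIO(csv_text))
    missing = REQUIRED_COLS - set(reader.fieldnames or [])
    if missing:
        raise ValueError(f"export is missing columns: {sorted(missing)}")
    report = {"not_required": [], "no_factor": [], "sms_only": [], "ok": []}
    for row in reader:
        email = (row.get(COL_EMAIL) or "").strip()
        required = flag(row, COL_ORG_REQ) or flag(row, COL_USER_REQ)
        phone, app = flag(row, COL_PHONE), flag(row, COL_APP)
        if not required:
            report["not_required"].append(email)  # MFA not enforced for this user
        elif not (phone or app):
            report["no_factor"].append(email)     # enforced, but nothing validated yet
        elif not app:
            report["sms_only"].append(email)      # phone validated, no authenticator app
        else:
            report["ok"].append(email)
    return report

if __name__ == "__main__":
    for group, users in audit_mfa(SAMPLE).items():
        print(f"{group}: {', '.join(users) or '-'}")
```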

Are there other methods of Authentication or SSO, e.g. Authenticator app?

Yes! Avochato offers SSO via Microsoft Entra ID / Azure and support for authenticator apps like Google Authenticator, Authy by Twilio and Microsoft Authenticator. Avochato will announce when other methods of MFA become available.

Sign-in Flow with MFA Enabled via SMS code sent to Phone Number on File

  1. Sign In - Use your email and password to Sign In to Avochato.
  2. Code Sent - After successfully entering your password, a unique verification code is sent to your mobile number via SMS.
  3. Enter Code - You receive the SMS on your phone, open the message, and enter the code into the website or app.
  4. Access Granted - Once you input the correct code, you're granted access to your account. By default, this device will save your session token for 90 days.

Sign-in Flow with MFA Enabled Using an Authenticator App

First, you will need an Authenticator app on your device. Avochato supports Google Authenticator, Authy, and Microsoft Authenticator. To learn more about setting up an authenticator app, click here.

  1. Sign In - Use your email and password to Sign In to Avochato.
  2. Code Generated - A code will be generated by your authenticator app (e.g., Google Authenticator).
  3. Enter Code - You will be asked to enter the code indicated on your authenticator app. If you don’t have your authenticator app with you or have lost it, you will still have an option to get a code via SMS to your phone number by clicking “Try using phone 2FA”.
  4. Access Granted - Once you input the correct code, you're granted access to your account.

Troubleshooting

If you or your team member has an issue logging into Avochato, please first clear your browser cache and cookies and reattempt login before contacting Support.
